3 matches found
PT-2024-24372 · C-Blosc2 · C-Blosc2
Name of the Vulnerable Software and Affected Versions: c-blosc2 versions up to 2.13.2 Description: A critical issue has been found, affecting the ndlz4 decompress function in the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. This issue leads to a heap-based buffer overflow. The attack can be...
PT-2022-37250 · Git +1 · C-Blosc2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 4 crash type. The crash state involves functions such as ndlz4 decompress, blosc d, and do job...
OSV-2021-1645 UNKNOWN READ in ndlz4_decompress
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41636 Crash type: UNKNOWN READ Crash state: ndlz4decompress bloscd dojob...